Compliance engineered with the cloud in mind. SilverDoor maintains a set of compliance certifications and attestations to validate our technology and operations.
The ISO 27001 standard provides a framework for businesses seeking to establish, implement, maintain and continually improve an Information Security Management System (ISMS). With an ISMS, businesses can secure their sensitive information through a risk management process that combines people, processes and IT systems.
SilverDoor conforms to the standards developed by United Kingdom Accreditation Service (UKAS) and audited externally by the British Assessment Bureau (BAB). SilverDoor's ISO 27001 certification applies to all of our technology platforms across all locations. Our ISO 27001 certificate number is 220823
The ISO 9001 standard provides guidance for businesses that want to consistently meet and exceed customer requirements and regulatory requirements. It’s based on a number of quality management principles, including a strong product, operational and customer focus, to help ensure that customers receive consistently high-quality products and services.
SilverDoor conforms to the standards developed by United Kingdom Accreditation Service (UKAS) and audited externally by the British Assessment Bureau (BAB). SilverDoor's ISO 9001 certification applies to our entire Business Management System (BMS). Our ISO 9001 certificate number is 220777
The General Data Protection Regulation (GDPR) is a comprehensive European privacy law that took effect on May 25, 2018.
SilverDoor fully comply with this regulation and have implemented all controls and processes outlined in the framework such as, having expanded data privacy rights for individuals, a detailed data breach notification mechanism with enhanced security for data processing, transmission and storing.
The UK Cyber Essentials scheme was developed as part of the UK's National Cyber Security Programme and is backed by the UK industry, including the Federation of Small Businesses and the CBI. SilverDoor is credited by the certification body CREST, which has included an independent CREST security assessor thoroughly testing our cybersecurity controls and computing resources as per the outlined security criteria of the scheme.
The Payment Card Industry Data Security Standards (PCI DSS) is an information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. SilverDoor has implemented rigorous data security standards to ensure that its customer's credit card information remains safe and secure. Our processes have been vetted by Security Metrics, who have also carried out vulnerability scanning of our systems.
We maintain a DR plan that supports a robust business continuity strategy for our production technology services. Our plan has been developed from industry-accepted methodologies and encompasses principles of high-availability engineering. The DR plan is constantly measured against strict regulatory and governance requirements.
SilverDoor has attestation of penetration tests and security assessments performed by third parties. We do not provide details of any findings here. Findings can be made available on special request by emailing us. As verified by external audits, vulnerabilities discovered during testing are tracked and resolved in accordance with corporate policy and industry best practices.
The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks are mechanisms designed to allow companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. The frameworks, which are administered by the International Trade Administration (ITA) enable U.S.-based organisations to benefit from their adequacy determinations.
SilverDoor are an active participant in the Privacy Shield Framework.